Obeying Business Policies

With the knowledge base, developers can go all the way down to the individual line level. But Levin added that a company doesnt have to get down to such a low level. "Companies have different attitudessome companies want a lot of minute details, others only want to see major copyright violations; we give them a volume knob," he said.
"Companies were telling us that the long-term value resided in an updated knowledge base and the ability to add their own data to the knowledge base, so we provide online updates and software upgrades to customers."

The server component of the software also can be set to obey business rules and policies that can be instituted on a companywide basis or on a developer-by-developer basis.

Black Duck can be set, for instance, so that use of any code governed by the GPL is flagged as not being usable by the developer, while code licensed under the BSD license isnt flagged and can be used.
Neither Black Duck nor the companys other customers can see the code that developers place in a company-specific knowledge base. It resides on the developers local server.
But users can extend permissions to people outside the corporate firewall to access the data. "You could, for example, let an outsourcer or a trusted partner on an extranet get at your customized knowledge base with your permission," Levin said.
He said Black Duck is "looking for partners, but practically speaking, we will have to offer some initial consulting and training services just to get some people going."
"As the worlds leading provider of open-source solutions to the enterprise, we employ hundreds of developers working on millions of lines of code," Karen Bennet, vice president of application and tools development at Red Hat Inc., said in a statement.
"Black Duck enables us to automate a manual process, saving time and resources while fitting into the software development practices that are already in place."
Click here to read about Red Hats new Linux desktop product.
Subscriptions to Black Ducks service offerings are available now. Annual subscriptions to Black Duck protexIP/development are priced starting at $2,500 per user. Volume discounts are available. Subscriptions include ongoing updates to the software and the Black Duck license and source-code knowledge base. The protexIP/registry is available to customers for $1,000 per submitted release.
Check out eWEEK.coms Linux & Open Source Center at http://linux.eWEEK.com for the latest open-source news, reviews and analysis.

Steven J. Vaughan-Nichols is editor at large for Ziff Davis Enterprise. Prior to becoming a technology journalist, Vaughan-Nichols worked at NASA and the Department of Defense on numerous major technological projects. Since then, he's focused on covering the technology and business issues that make a real difference to the people in the industry.